Description of the security update for SharePoint Enterprise Server 2013: April 9, 2019

Content provided by Microsoft

Applies to: Microsoft SharePoint Server 2013 Service Pack 1

Select Product Version

Summary

This security update resolves a cross-site–scripting (XSS) vulnerability that exists when Microsoft SharePoint Server does not correctly sanitize a specially crafted web request that's made to an affected SharePoint server. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2019-0831.

How to get and install the update

Method 1: Microsoft Update

This update is available through Windows Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to turn on automatic updating, see Windows Update: FAQ.